Security alert! Security alert!
Brian J Dooley reports on the evolving landscape of security solutions, where even in a down economy, there's always a way for resellers to make money
By Brian J Dooley, Auckland | Wednesday, August 01 2012
Even in a depressed economy, security remains a sure bet for resellers. The need for complete solutions is of increasing urgency as mobility and hybrid clouds dominate the business scene. Small businesses have the same exposure to risk as large business, but must manage it on a reduced budget. Luckily, many vendors are now providing help.
HP’s focus with security is not on the end-user device, but in the corporate IT domain. HP sells traditional firewall products through the H3C Secpath product line. It also offers state-of-the-art intrusion (IPS) products with the TippingPoint product set.
“There is growing awareness in the sector that traditional security approaches based on end-point security products and desktop/laptop systems and servers are no longer sufficient to provide more than a moderate level of protection against an increasingly sophisticated threat landscape,” says Dave Eaton, CTO, enterprise services. “Without the appropriate infrastructure, organisations run the risk of damaging their reputations, undermining business growth and negatively impacting customers, partners and employees.”
Mobile devices, most of which contain multiple user identities, are not directly under the control of the business and yet are a potential source of compromise from direct attack through to information leakage. “The use of new consumption models based around cloud services also requires diligence,” says Eaton. “This relates to both the technical features, and to the regulatory framework for businesses that are consuming and providing cloud services.
Eaton notes a number of significant trends in this market, such as real-time end-to-end security views, the need for businesses to put security in a broader regulatory context, and prevention of breaches and unauthorised disclosure. He says security must also expand from an IT-led discipline to one that encompasses all aspects of the organisation.
“The most serious security threats are ‘advanced persistent threats,’” says Eaton. “Attackers only need to trick a single employee into opening a piece of malware that exploits a zero-day vulnerability, giving them access to not just the employee's PC, but potentially the entire corporate network.”
For resellers, Eaton believes that partnerships are critical in providing the leverage needed for small companies to on-sell products and services to medium to large New Zealand businesses. “Specialised expertise in specific security domains can be a valuable addition to a broader but less specific range of technologies and expertise provided by a larger player,” he says.
Cisco is one of the largest security companies today. “Our product range is primarily focused on network security, which means Cisco is well placed to help our customers as security moves to the network through the influence of trends such as consumerisation of IT, BYOD and cloud computing,” says security expert John-Paul Sikking. “These trends make it very difficult for organisations to find the best place to enforce security.”
Sikking suggests organisations face key threats from increased mobile attacks, more effective mobile browser exploits, bot-nets (especially those adapated to data mining), internet infrastructure, and advanced persistent threats.
“The best thing is to remain vigilant, continue with good security practices, educate users and maintain up to date defences, preferably ones that use global correlation and threat management systems,” says Sikkiing.
Social networking and IPv6 transitions add to an already complex BYOD and cloud computing environment. “These are four massive shifts in the way we manage technology, which will not only impact our working lives, but our private lives as well,” he says.
Compliance will always be a requirement for businesses but its importance will change with the level of enforcement and impact to the business, especially with the Copyright (Infringing File Sharing) Amendment Act of 2011.
“We can’t control the threats, but we can lessen the likelihood of the threat succeeding and the impact that it could have on the business,” says Sikkiing. “Maintain a good security policy, processes and technology and this will go a long way to reducing the risk. All resellers should be selling secure solutions. No one would buy a car without brakes, why would you buy a network or technology that was not secure.”
WatchGuard builds all-in-one network content security solutions. “Small and medium businesses have the same concerns as larger organisations in relation to their network being breached,” says AP vice president, Scott Robertson. “However whilst a larger organisation would be able to carry the costs, many in the small and medium business sector would not have the financial resources to survive. The current economic climate would have the greatest impact on the small and medium business sector in making them more cautious. Many are choosing to take the risk rather than make the necessary investment.”
The Copyright Amendment Act has raised compliance issues for any business with shared access to the public internet. “To ensure compliance with the act, businesses require the use of next generation multi-function firewalls with application awareness to identify, manage and report on all internet access, whether via a web browser, a file sharing application or any of the thousands of applications in common use today,” says Robertson.
Businesses need trusted security solutions that are cost-effective and easy to manage, yet provide multi-layered, extensible protection against current and emerging threats. They need to look for solutions that also provide visibility tools for real-time monitoring and analysis, along with comprehensive logging and reporting.
Websense offers unified web security, email security, mobile security, and data loss prevention solutions. “Our content security solutions help businesses leverage social media and cloud-based communication, while protecting from advanced persistent threats and modern malware, preventing the loss of confidential information, and enforcing internet use and security policies,” says ANZ country manager, Gerry Tucker. “Traditional defences just aren’t working any more. Organisations need real-time defences with multiple detection points that deeply analyse both the inbound content of each website and email as well as the outbound transmission of sensitive data.”
The IT industry has spent years working on desktop security and trying to prevent data loss over web and email channels - but mobile devices are radically changing the game. Tablets and iOS devices are replacing laptops as employees bring their own devices to work and access business information. These devices open the door to unprecedented loss of sensitive data.
“Today, even smaller companies fall victim to the toughest web, email, and data threats. Almost all attacks now involve a web component and take advantage of the human element as the weakest link,” says Tucker. “Social engineering, combined with social profiling and geo-location variables provide easy entry for targeted attacks. Yesterday’s high-volume attacks are quickly caught by threat-monitoring radar systems, so they have been replaced with focused sniper attacks that use exploits for a clear shot of threat delivery.”
The Websense 2012 Threat Report pointed to a trifecta of data theft issues: social media lures; hard-to-detect malware; and sophisticated data extraction.
“The popularity of mobile devices is creating a large target installed base and cybercrime is actively innovating to harvest information for profit,” says Tucker. “Like all end points, a BYOD needs protection from web and email threats, scams, and lures. Humans will always provide too much information unknowingly and enable the dispersion of threats and lures to others.
“Ultimately, in order to safely permit corporate use of mobile devices, we recommend solutions which combine four key components - web security, data security, mobile malware and app protection, and vital mobile device management features - into one solution. A cloud security service also ensures that you can have security available anytime anywhere, preventing confidential data loss on iPads, iPhones, Android, and other mobile devices.”
Tucker says that every SMB should have a way of identifying and blocking incoming threats via email and the web, and needs to be able to prevent staff from accessing high-risk and low productivity web sites. “Ideally, email security should have the ability to check embedded URL links, and web protection must be able to scan web sites in real-time for hidden malicious code,” he says. “So, we're talking about solid email and web security solutions. Data protection is most likely to be of interest to medium sized organisations wanting to protect its confidential information, or where staff turnover is higher and managers or owners can't keep an eye on the minutiae of activity that goes on throughout the day.”
Ultimately, it is important to also ensure you are protected after an event. “No matter what you are running — anti-virus, URL filtering, next generation firewalls — cybercriminals may find a way in and will establish command and control communication to steal your data,” says Tucker. “
Good Technology’s flagship product, Good for Enterprise, provides secure email, calendaring, intranet and contacts along with mobile device management for iOS, Android and Microsoft phone devices. “The SMB sector is one of our most viable and growing markets,” says Jim Watson, VP and corporate GM, APAC. “As the line between work and personal use of mobile devices is increasingly blurring, small and medium businesses need to develop a strategic plan and rules for mobility management. Mobile devices exacerbate the threat of data loss and theft because they effectively move sensitive data beyond the business firewall.”
Watson recounts his experience in presentation of mobile security issues to vendors and users. “I typically ask CIOs ‘How do you secure this laptop?’ and they always say ‘We use AV and Firewalls and VPNs on a company provisioned laptop.’ I then hold up an iPad and ask them what security best practices are they employing on this great consumer product. In all likelihood, the answer is none. The problem is that we have moved beyond the wireless laptop at lightning speed and businesses, small and large, are in the midst of trying to create new IT policies and security measures to meet today’s mobile workforce, on smartphones, Androids, and tablets of all types that are being driven by the employee in most instances.”
Mako Networks offers security solutions specially designed to connect SMBs to the internet and protect them from internet-based threats. “The Mako System is specially designed to meet the stringent Payment Card Industry Data Security Standards (PCI DSS),” says CEO Bill Farmer. “Small and medium businesses should be especially concerned about the growing risk of credit card fraud and hacking. Several studies have shown that as more large enterprises increase and improve their network security, fraudsters are shifting their focus to target less-protected SMBs.”
Network security is about protecting sensitive data, and there’s no data more desired by hackers than credit card data. Around the world, SMBs are wrestling with PCI DSS, which can help safeguard card data and prevent fraud by ensuring that a set of minimum security practices are in place. Compliance with the PCI DSS is becoming increasingly important in New Zealand – particularly in the wake of recent card fraud incidents.